Re: [tor-bugs] #26071 [Internal Services/Tor Sysadmin Team]: Please give Tommy LDAP access

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26071: Please give Tommy LDAP access
-+-
 Reporter:  phoul|  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by phoul):

 I have adjusted the signed text to reflect Tommy's username, and include
 the current forward address. Please let me know if anything is incorrect.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26071 [Internal Services/Tor Sysadmin Team]: Please give Tommy LDAP access

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26071: Please give Tommy LDAP access
-+-
 Reporter:  phoul|  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Description changed by phoul:

Old description:

> {{{
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Please create LDAP access for Tommy.
>
> Name: Tommy Collison
> Initial forwarding email address: X (He already has a @tpo email)
> PGP key fingerprint: BB4B 1E3A B96C 3FCD 0482  89E0 1A91 F49B A783 00BD
> Username: t0mmy
> -BEGIN PGP SIGNATURE-
>
> iQIzBAEBCgAdFiEE1wvVjyUkasP2SLJzSuAjZ3OOefwFAlr0iQ8ACgkQSuAjZ3OO
> efzZ+hAAoQahDjfPYLjL8rHUB/v2s/Dli/DYh9qo+dC63yyxpWAG2O+vOD4pJawG
> tOU/814PXuOncjD8hyvGKqzB8af39qgeDay5pYsqUzvFe8fFvO0ZVLDIiIZ9WrwJ
> cKKkFBSRe+0Q/UAbzYCrzfQdbnDPXjTKerrKWDFNpIvHUX/dXF+L7aJJ+BqeLsb1
> Xcbji7l3Ptny8P0X84GT31xhAg69OmKBoM6H3rSkuhjHHR8W62g26YWcrM9D6Fy1
> eKttBEUOtMv/y9XOfxXqArIGjolJ4DyPsk5LFApKN1paf1XrO4B12QlwMpPF+0oE
> hGMlCIh8tr1dik0JYQqM19JmZaX6ZD0Slkph0BnoNg41W5O/sgpR01QfRV97dplq
> fXqaHwjFJbRdee0gNVMOKFytG3/nX07sT+Xg6o+duOS0RLFhabfsxOLLccK4EoJL
> xzPJ72H54D760hjwJnqtmyQGRNEcEIao8yHWRSEBQ8HzsRZ+afk0LzGGVsSdPFBJ
> FUYiUcXHpdBSEIHMH6SVMDOMj4ThLTD2SPqmhYnM9dIPVvxWs4QN1TCIxdZpDaoI
> 0VclhjIOd9hCjRTzxJed63hexpd7/S01Kh5mXAh8BtGRtcftAq053Wkj6VRC6Vfu
> J8qmD8ay0CikR1IfsR8Ojq8kT4W3hSJAqK1ChMaK6OoNNYti9ek=
> =13eO
> -END PGP SIGNATURE-
> }}}

New description:

 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 Please grant an LDAP account to Tommy.

 Name: Tommy Collison
 Initial forwarding email address: to...@collison.ie (tom...@torproject.org
 exists already)
 PGP key fingerprint: BB4B 1E3A B96C 3FCD 0482  89E0 1A91 F49B A783 00BD
 Username: tommyc
 -BEGIN PGP SIGNATURE-

 iQIzBAEBCgAdFiEE1wvVjyUkasP2SLJzSuAjZ3OOefwFAlsDnf4ACgkQSuAjZ3OO
 efyJzQ//f5ycA15JpBzh7gwtOFaM9XZ4V4WeSXwnA6a4hIsu3bcIb+NTwXEXnsid
 3YW7+2dC7TPnRGQkMJ69lq3SEaZAMjrrlZY4f5pCrKIRM+1PAsz5EsYtwIXGLFbv
 HN8rP6qWi+usT4wTSXXlm6s9LJ2Exk+XJgZFxr7BqWuWB9fSW//2SUnv4/2Cn+QQ
 8XQO9Z6bv/mSA9YTqaZzn7tMpBr3Lw8TDEjaudD4Bd4mPFIUdg6ScSmnFj20LWUJ
 F2sR3XRJzdnS9WheON2T+lDCihZtVK5ym7GoESKvUN6UZu7BRALDWOc73FMtmH2l
 IOg2IeHzG1A3hU6OHb0aAso1xhOMuDurNVFV9W80N1XgEO90MZUnIkoFW50s4n5u
 GjRTgTD+saFPO463R2yuFl6uPSkivsXSRYzbOm111Pu0+clNcrTK2QZLBoLjvOja
 UEizrr//R8wCE9U6NHt4/U/DFiEAsBrVD40gXRHAXY/V1IAwZRmV3DmtmsphmA9j
 9Nyg2HvaKtPWhp2hTv+djD1P72Z7OvVmTl9AO0wXg2HdVsnv0hDZXvkYzhPaaPzZ
 EYt2CxfGj+wDYwCxnVNxXuxAvEGgJCG9/lmPU8qQmgVanJZGp/gaH2IIUvwqGtfK
 u2n/bX/2aA0nA3fxzHHPRLrzxEubjqHQGdYANqzGaCjzGllSw1o=
 =lQc5
 -END PGP SIGNATURE-
 }}}

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26158 [Core Tor/Tor]: A little bug of circular path of Tor

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26158: A little bug of circular path of Tor
-+-
 Reporter:  TBD.Chen |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.0.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  circular-path, security-low, |  Actual Points:
  031-backport, 032-backport, 033-backport,  |
  034-backport   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:  circular-path =>
 circular-path, security-low, 031-backport, 032-backport, 033-backport,
 034-backport
 * version:  Tor: 0.3.2.10 => Tor: 0.3.0.1-alpha
 * milestone:  Tor: 0.3.2.x-final => Tor: 0.3.4.x-final


Comment:

 Thanks for reporting this issue!

 This is a bug in commit c837786 in 0.3.0.1-alpha.

 I've marked it as security-low, because since commit 592a439 in
 0.2.7.2-alpha, directory authorities pin relay ed25519 keys to RSA keys.
 This means that a relay in the consensus can't pass the RSA check, but
 fail the ed25519 check.

 (A client can't loop between two bridges using different keys, because RSA
 IDs are mandatory. When we stop making RSA IDs mandatory, we'll need to
 think carefully about this issue, and multiple ORPorts as well.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26157 [Internal Services/Service - trac]: Text captcha does not obey order of operations

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26157: Text captcha does not obey order of operations
--+---
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  closed
 Priority:  Low   |  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 How did you file that ticket using Tor? It blocked me when I attempted to
 do so.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26158 [Core Tor/Tor]: A little bug of circular path of Tor

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26158: A little bug of circular path of Tor
--+
 Reporter:  TBD.Chen  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.2.10
 Severity:  Normal|   Keywords:  circular-path
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 In order to defend the **circular-path** attacks, Tor relays detects the
 next hop and  previous hop of a circuit through node-id and Ed25519-id.
 However, when the Tor relay detects the previous node has the same
 Ed25519-id with next node, it forgot to return -1, and continue to extend
 the circuit.
 This might cause some loopholes for the circular-path.
 {{{
   /* Next, check if we're being asked to connect to the hop that the
* extend cell came from. There isn't any reason for that, and it can
* assist circular-path attacks. */
   if (tor_memeq(ec.node_id,
 TO_OR_CIRCUIT(circ)->p_chan->identity_digest,
 DIGEST_LEN)) {
 log_fn(LOG_PROTOCO[[Image()]]L_WARN, LD_PROTOCOL,
"Client asked me to extend back to the previous hop.");
 return -1;
   }

   /* Check the previous hop Ed25519 ID too */
   if (! ed25519_public_key_is_zero(_pubkey) &&
   ed25519_pubkey_eq(_pubkey,
 _OR_CIRCUIT(circ)->p_chan->ed25519_identity)) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"Client asked me to extend back to the previous hop "
"(by Ed25519 ID).");
   }
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26157 [Internal Services/Service - trac]: Text captcha does not obey order of operations

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26157: Text captcha does not obey order of operations
--+---
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  closed
 Priority:  Low   |  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Closing as duplicate of https://trac.edgewall.org/ticket/13031 (kindly
 posted by another user).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26157 [Internal Services/Service - trac]: Text captcha does not obey order of operations

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26157: Text captcha does not obey order of operations
--+---
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  closed
 Priority:  Low   |  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by dmr):

 * cc: dmr (added)


Comment:

 > I tried to post this on ​https://trac.edgewall.org/newticket, but they
 have blocked submissions by Tor users. I am posting it here instead in
 case there is a possible workaround on Tor's side.

 Filed at:
 https://trac.edgewall.org/ticket/13031

 (For what it's worth, I used Tor Browser to file that ticket.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26157 [Internal Services/Service - trac]: Text captcha does not obey order of operations

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26157: Text captcha does not obey order of operations
--+-
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 The text captcha asks a simple math question, for example:
 > six plus two multiplied by four
 The correct answer is 6 + 2 × 4 = 6 + 8 = 15, due to order of operations,
 but the captcha system does not accept that and instead expects you to do
 (6 + 2) × 4 = 8 × 4 = 32. This is confusing to many users who do
 multiplication first, as they should. Please explicitly specify that order
 of operations is ignored, or do not ignore the order of operations. Or
 accept both answers to the ambiguous question (e.g. both 15 and 32).

 I tried to post this on https://trac.edgewall.org/newticket, but they have
 blocked submissions by Tor users. I am posting it here instead in case
 there is a possible workaround on Tor's side.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #3782 [Core Tor/Tor]: Add native chroot support to Tor

2018-05-21 Thread Tor Bug Tracker & Wiki 
#3782: Add native chroot support to Tor
--+--
 Reporter:  ioerror   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-relay |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 I meant using symlinks for the benefit of other programs outside of the
 chroot, e.g. a symlink from `/var/lib/tor/chroot/torrc` (the real file) to
 `/etc/tor/torrc` (a symlink). Otherwise it might be hard to convince
 people to change their log monitors to somewhere other than `/var/log`,
 etc.

 I haven't been on my development system for a while but when I get back on
 I'll give it a shot.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20424 [Core Tor/Tor]: Remove --enable-openbsd-malloc (Tor maxes CPU when --enable-openbsd-malloc is used)

2018-05-21 Thread Tor Bug Tracker & Wiki 
#20424: Remove --enable-openbsd-malloc (Tor maxes CPU when 
--enable-openbsd-malloc
is used)
-+-
 Reporter:  icanhasaccount   |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Minor| Resolution:
 Keywords:  review-group-31, |  Actual Points:
  034-triage-20180328, fast-fix  |
Parent ID:   | Points:  .2
 Reviewer:  nickm|Sponsor:
-+-

Comment (by cypherpunks):

 They use jemalloc for Windows? I was under the impression Windows used the
 system malloc. And yeah I know newer versions of jemalloc are improved
 (redzones, etc), but I'm still a little weary, especially given that
 OpenBSD's malloc is actually really well-designed from a security
 standpoint. Though honestly the Copperhead malloc (a hybrid of bionic and
 OpenBSD's) is even better, but I feel it's unlikely that it would be
 included in Tor.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25415 [Core Tor/Tor]: moria1 seg faults on testing relay reachability

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25415: moria1 seg faults on testing relay reachability
-+-
 Reporter:  arma |  Owner:  nickm
 Type:  defect   | Status:
 |  merge_ready
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.3.2-alpha
 Severity:  Blocker  | Resolution:
 Keywords:  033-backport, tor-dirauth, crash,|  Actual Points:
  033-must, review-group-34  |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:  tor-dirauth, crash, 033-must, review-group-34 => 033-backport,
 tor-dirauth, crash, 033-must, review-group-34


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25415 [Core Tor/Tor]: moria1 seg faults on testing relay reachability

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25415: moria1 seg faults on testing relay reachability
-+-
 Reporter:  arma |  Owner:  nickm
 Type:  defect   | Status:
 |  merge_ready
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.3.2-alpha
 Severity:  Blocker  | Resolution:
 Keywords:  tor-dirauth, crash, 033-must,|  Actual Points:
  review-group-34|
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by arma):

 * status:  reopened => merge_ready


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25415 [Core Tor/Tor]: moria1 seg faults on testing relay reachability

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25415: moria1 seg faults on testing relay reachability
-+-
 Reporter:  arma |  Owner:  nickm
 Type:  defect   | Status:
 |  reopened
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.3.2-alpha
 Severity:  Blocker  | Resolution:
 Keywords:  tor-dirauth, crash, 033-must,|  Actual Points:
  review-group-34|
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 Ok, I'm running maint-0.3.3 with commit 699bb80 manually applied and it
 looks like it's starting.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25415 [Core Tor/Tor]: moria1 seg faults on testing relay reachability

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25415: moria1 seg faults on testing relay reachability
-+-
 Reporter:  arma |  Owner:  nickm
 Type:  defect   | Status:
 |  reopened
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.3.2-alpha
 Severity:  Blocker  | Resolution:
 Keywords:  tor-dirauth, crash, 033-must,|  Actual Points:
  review-group-34|
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 Ok, turns out the reason might be simple: we merged nickm's bug25415 into
 0.3.4 but not into 0.3.3?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25415 [Core Tor/Tor]: moria1 seg faults on testing relay reachability

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25415: moria1 seg faults on testing relay reachability
-+-
 Reporter:  arma |  Owner:  nickm
 Type:  defect   | Status:
 |  reopened
 Priority:  High |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.3.2-alpha
 Severity:  Blocker  | Resolution:
 Keywords:  tor-dirauth, crash, 033-must,|  Actual Points:
  review-group-34|
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by arma):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 The bug is back, running maint-0.3.3 (the one we're hoping to call stable
 soon).

 I confirmed by adding the
 {{{
 +tor_assert(router->cache_info.signing_key_cert);
 }}}
 line back, and the assert triggers.
 {{{
 May 21 20:51:04.207 [err] Bug: Assertion
 router->cache_info.signing_key_cert fai
 led in dirserv_single_reachability_test at src/or/dirserv.c:3438. Stack
 trace: (on Tor 0.3.3.5-rc-dev 3c4353179f230476)
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26156 [Core Tor/Tor]: Undefined references to EVP_CIPHER_CTX_cleanup() with OpenSSL 1.1.0 no-deprecated

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26156: Undefined references to EVP_CIPHER_CTX_cleanup() with OpenSSL 1.1.0 no-
deprecated
--+
 Reporter:  laomaiweng|  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.4.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  openssl   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by laomaiweng):

 By the way thanks for all the work on OpenSSL 1.1 support in #19429. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26156 [Core Tor/Tor]: Undefined references to EVP_CIPHER_CTX_cleanup() with OpenSSL 1.1.0 no-deprecated

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26156: Undefined references to EVP_CIPHER_CTX_cleanup() with OpenSSL 1.1.0 no-
deprecated
--+
 Reporter:  laomaiweng|  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.4.1-alpha
 Severity:  Normal|   Keywords:  openssl
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 On my machine with OpenSSL 1.1.0 `no-deprecated', Tor 0.3.4.1-alpha fails
 to build. The failure happens when linking several utilities, with the
 following error:

 {{{
 src/common/libor-crypto.a(aes.o): In function `aes_cipher_free_':
 /home/quentin/Security/Code/Tor/tor/src/common/aes.c:121: undefined
 reference to `EVP_CIPHER_CTX_cleanup'
 }}}

 This appears to be due to ''src/common/aes.c'' not #include-ing
 "compat_openssl.h", and thus not having the OPENSSL_1_1_API #define.
 Simply adding {{{#include "compat_openssl.h"}}} in ''aes.c'' fixes the
 build.
 I have also checked that building still succeeds against OpenSSL 1.0.1 and
 1.0.2 with this modification.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25549 [Core Tor/Tor]: Add tor CI config for AppVeyor

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25549: Add tor CI config for AppVeyor
-+-
 Reporter:  isis |  Owner:  saper
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci, tor-testing, 034-roadmap-|  Actual Points:
  subtask, 034-triage-20180328,  |
  034-included-20180328  |
Parent ID:  #25550   | Points:  2
 Reviewer:  isis, catalyst   |Sponsor:
 |  Sponsor3
-+-

Comment (by saper):

 Thanks [comment:37 nickm], much appreciated. I have added my rather minor
 comments to GitHub.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26136 [Core Tor/Tor]: DirPort reachability test inconsistency when only "DirPort x.x.x.x:x NoAdvertise" configured

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26136: DirPort reachability test inconsistency when only "DirPort x.x.x.x:x
NoAdvertise" configured
--+--
 Reporter:  starlight |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by teor):

 * keywords:  regression-maybe, 034-must-maybe =>
 * status:  needs_information => new
 * version:  Tor: 0.3.4.1-alpha => Tor: unspecified
 * milestone:  Tor: 0.3.4.x-final => Tor: unspecified


Comment:

 Ok, then this is not a regression, because it has been around for a few
 releases. (Probably since 0.2.8 or 0.2.9 when the code was rewritten.)

 Here is a workaround:
 * run a separate Tor process with "DirPort x NoAdvertise"
 * if you have trouble with #23693 or similar errors, run a separate tor
 process with "DirPort x ORPort y PublishServerDescriptor 0"

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26155 [Core Tor/Tor]: Bandwidth file Timestamp is the latest scanner result, not the file creation time

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26155: Bandwidth file Timestamp is the latest scanner result, not the file
creation time
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-spec, tor-bwauth  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Old description:

> The bandwidth file timestamp should be the last time a relay was scanned.
> But we say it's the file creation time, which is wrong.
>
> in torflow, the timestamp is actually the oldest of the most recent
> timestamps for all scanners:
> https://gitweb.torproject.org/torflow.git/tree/NetworkScanners/BwAuthority/aggregate.py#n409
> (This is buggy in small networks, because the unmeasured node scanner may
> end up in a state where is never has any nodes to scan. But we won't fix
> this issue.)
>
> Here's how I suggest we fix this issue:
>
> Replace the initial Timestamp with:
> {{{
>   Timestamp NL
>
> [At start, exactly once.]
>
> The Unix Epoch time in seconds of the most recent scanner result.
>
> If there are multiple scanners which can fail independently,
> implementations
> SHOULD take the most recent timestamp from each scanner and use the
> oldest value. This ensures all the scanners continue running.
>
> If there are scanners that do not run continuously, they SHOULD be
> excluded
> from the timestamp calculation,
>
> It does not follow the KeyValue format for backwards
> compatibility with version 1.0.0.
> }}}
>
> Add a file creation date:
> {{{
>   "file_created=" DateTime NL
>
> [Zero or one time.]
>
> The date and time timestamp in ISO 8601 format and UTC time zone
> when the file was created.
>
> This Line has been added in version 1.1.0 of this specification.
> }}}
>
> Add a latest bandwidth in human-readable format:
> {{{
>   "latest_bandwidth=" DateTime NL
>
> [Zero or one time.]
>
> The date and time timestamp in ISO 8601 format and UTC time zone
> of the most recent scanner result.
>
> This time MUST be identical to the initial Timestamp line.
>
> This duplicate value is included to make the format easier for people
> to read.
>
> This Line has been added in version 1.1.0 of this specification.
> }}}

New description:

 The bandwidth file timestamp should be the last time a relay was scanned.
 But we say it's the file creation time, which is wrong.

 in torflow, the timestamp is actually the oldest of the most recent
 timestamps for all scanners:
 
https://gitweb.torproject.org/torflow.git/tree/NetworkScanners/BwAuthority/aggregate.py#n409
 (This is buggy in small networks, because the unmeasured node scanner may
 end up in a state where is never has any nodes to scan. But we are not
 fixing torflow bugs.)

 Here's how I suggest we fix the spec issue:

 Replace the initial Timestamp with:
 {{{
   Timestamp NL

 [At start, exactly once.]

 The Unix Epoch time in seconds of the most recent scanner result.

 If there are multiple scanners which can fail independently,
 implementations
 SHOULD take the most recent timestamp from each scanner and use the
 oldest value. This ensures all the scanners continue running.

 If there are scanners that do not run continuously, they SHOULD be
 excluded
 from the timestamp calculation,

 It does not follow the KeyValue format for backwards
 compatibility with version 1.0.0.
 }}}

 Add a file creation date:
 {{{
   "file_created=" DateTime NL

 [Zero or one time.]

 The date and time timestamp in ISO 8601 format and UTC time zone
 when the file was created.

 This Line has been added in version 1.1.0 of this specification.
 }}}

 Add a latest bandwidth in human-readable format:
 {{{
   "latest_bandwidth=" DateTime NL

 [Zero or one time.]

 The date and time timestamp in ISO 8601 format and UTC time zone
 of the most recent scanner result.

 This time MUST be identical to the initial Timestamp line.

 This duplicate value is included to make the format easier for people
 to read.

 This Line has been added in version 1.1.0 of this specification.
 }}}

--

Comment (by teor):

 Clarify what we are fixing

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26155 [Core Tor/Tor]: Bandwidth file Timestamp is the latest scanner result, not the file creation time

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26155: Bandwidth file Timestamp is the latest scanner result, not the file
creation time
--+--
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-spec, tor-bwauth
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 The bandwidth file timestamp should be the last time a relay was scanned.
 But we say it's the file creation time, which is wrong.

 in torflow, the timestamp is actually the oldest of the most recent
 timestamps for all scanners:
 
https://gitweb.torproject.org/torflow.git/tree/NetworkScanners/BwAuthority/aggregate.py#n409
 (This is buggy in small networks, because the unmeasured node scanner may
 end up in a state where is never has any nodes to scan. But we won't fix
 this issue.)

 Here's how I suggest we fix this issue:

 Replace the initial Timestamp with:
 {{{
   Timestamp NL

 [At start, exactly once.]

 The Unix Epoch time in seconds of the most recent scanner result.

 If there are multiple scanners which can fail independently,
 implementations
 SHOULD take the most recent timestamp from each scanner and use the
 oldest value. This ensures all the scanners continue running.

 If there are scanners that do not run continuously, they SHOULD be
 excluded
 from the timestamp calculation,

 It does not follow the KeyValue format for backwards
 compatibility with version 1.0.0.
 }}}

 Add a file creation date:
 {{{
   "file_created=" DateTime NL

 [Zero or one time.]

 The date and time timestamp in ISO 8601 format and UTC time zone
 when the file was created.

 This Line has been added in version 1.1.0 of this specification.
 }}}

 Add a latest bandwidth in human-readable format:
 {{{
   "latest_bandwidth=" DateTime NL

 [Zero or one time.]

 The date and time timestamp in ISO 8601 format and UTC time zone
 of the most recent scanner result.

 This time MUST be identical to the initial Timestamp line.

 This duplicate value is included to make the format easier for people
 to read.

 This Line has been added in version 1.1.0 of this specification.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26155 [Core Tor/Tor]: Bandwidth file Timestamp is the latest scanner result, not the file creation time

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26155: Bandwidth file Timestamp is the latest scanner result, not the file
creation time
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-spec, tor-bwauth  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

2018-05-21 Thread Tor Bug Tracker & Wiki 
#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201805   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by pospeselr):

 For now just went with simple (regarding strings):

 [[Image(https://trac.torproject.org/projects/tor/raw-
 attachment/ticket/23247/Page%20Info%20New.png)]]
 [[Image(https://trac.torproject.org/projects/tor/raw-
 attachment/ticket/23247/Page%20Info%20SSL%20New.png)]]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

2018-05-21 Thread Tor Bug Tracker & Wiki 
#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201805R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * keywords:  ux-team, tor-hs, TorBrowserTeam201805 => ux-team, tor-hs,
 TorBrowserTeam201805R
 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26004 [Core Tor/Tor]: Allow Tor to accept node_id at the end of a bandwidth file line

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26004: Allow Tor to accept node_id at the end of a bandwidth file line
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fast-fix, 034-backport-maybe, 033|  Actual Points:
  -backport-maybe, 032-backport-maybe, 031   |
  -backport-maybe, 029-backport-maybe, tor-  |
  dirauth|
Parent ID:  #25925   | Points:
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => merge_ready


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

2018-05-21 Thread Tor Bug Tracker & Wiki 
#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201805   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * Attachment "Page Info New.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

2018-05-21 Thread Tor Bug Tracker & Wiki 
#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201805   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * Attachment "Page Info SSL New.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

2018-05-21 Thread Tor Bug Tracker & Wiki 
#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201805   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * Attachment "0001-Bug-23247-Communicating-security-expectations-
 for-.o.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by teor):

 Replying to [comment:7 gilbertoblue]:
 > I'm not convinced that I am running any anti virus software, but perhaps
 my response to 4) does indicate such.  Not an expert, but it seems
 possible that TOR should be able to recognize problems from anti virus
 software, and then specifically indicate this.  Without question, TOR
 should be able to identify the specific point of failure, and this should
 be logged
 >
 > Once again, where else are TOR problems logged?  Copy to Clipboard does
 NOTHING.  It has to be true that it is all logged to a file as well

 Tor Browser does not log to disk by default, for privacy reasons.

 I don't know if the error you posted is in Tor Browser or Tor. And the
 screenshot has disappeared.

 If the error is in Tor, you can log to disk by adding a line to torrc-
 defaults:
 {{{
 Log debug C:\\path\\to\\file.log
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25549 [Core Tor/Tor]: Add tor CI config for AppVeyor

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25549: Add tor CI config for AppVeyor
-+-
 Reporter:  isis |  Owner:  saper
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci, tor-testing, 034-roadmap-|  Actual Points:
  subtask, 034-triage-20180328,  |
  034-included-20180328  |
Parent ID:  #25550   | Points:  2
 Reviewer:  isis, catalyst   |Sponsor:
 |  Sponsor3
-+-
Changes (by nickm):

 * status:  needs_revision => needs_review


Comment:

 Okay -- as a minimal branch, I propose `appveyor_min_034`.

 It removes some stuff from the branches that might have been a good idea,
 but turned out not to be necessary for appveyor.

 It is built by merging a branch `appveyor_min_029` into master -- I think
 that branch would have potential on 0.2.9, but we would need to backport
 an array of various unit test fixes from master in order to get it
 working.

 Pull request at https://github.com/torproject/tor/pull/118

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25507 [Core Tor/Tor]: Write a guide for groups planning to submit big patches to Tor.

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25507: Write a guide for groups planning to submit big patches to Tor.
-+-
 Reporter:  nickm|  Owner:
 |  catalyst
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  roadmap, 033-triage-20180320, 034|  Actual Points:
  -roadmap-master, 034-triage-20180328,  |
  034-included-20180328  |
Parent ID:   | Points:  3
 Reviewer:   |Sponsor:
 |  Sponsor3
-+-
Changes (by t0mmy):

 * cc: t0mmy (added)


Comment:

 As Tor's writer, am happy to help in whatever way I can be most useful.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 > I found a task called "Antimalware Service Executable". I can't
 terminate it, even though I am an admin. I don't know what this is, a
 windows process?. I am definitely NOT running Kapersky

 It's part of Windows Defender.

 Firefox using [https://dxr.mozilla.org/mozilla-
 esr52/source/xpcom/threads/nsProcessCommon.cpp#491 ShellExecuteExW] to
 launch Tor.exe.
 [https://social.msdn.microsoft.com/Forums/en-US/0ba070e0-ef57-494b-
 9e09-2080387388f7/shellexecuteexw-return-error-code-1223 Windows Defender
 dislike it?]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26154 [Obfuscation/BridgeDB]: Remove apt-get update from BridgeDB's .travis.yml to avoid SHA1 signature error

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26154: Remove apt-get update from BridgeDB's .travis.yml to avoid SHA1 
signature
error
--+
 Reporter:  isis  |  Owner:  isis
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal|   Keywords:  bridgedb-ci ci
Actual Points:|  Parent ID:
   Points:  .1|   Reviewer:
  Sponsor:  SponsorM  |
--+
 e.g. https://travis-ci.org/isislovecruft/bridgedb/jobs/381817517#L574

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26147 [Applications/Tor Browser]: Information leaks with automatic searching via URL bar.

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26147: Information leaks with automatic searching via URL bar.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Dbryrtfbcbhgf):

 Implementing ticket https://trac.torproject.org/projects/tor/ticket/23545
 could also help reduce information leaks when you enter a incorrect V3
 onion address.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26073 [Applications/Tor Browser]: patch tor-browser-build.git for Firefox 60 ESR

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26073: patch tor-browser-build.git for Firefox 60 ESR
+--
 Reporter:  arthuredelstein |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  TorBrowserTeam201805, ff60-esr  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by sukhbir):

 > figuring out how to get the llvm signature check to work again

 For review:

 https://github.com/arthuredelstein/tor-browser-build/pull/1

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26153 [Applications/Tor Browser]: Selfrando builds broken for Firefox 60 ESR

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26153: Selfrando builds broken for Firefox 60 ESR
--+--
 Reporter:  sukhbir   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  ff60-esr
Actual Points:|  Parent ID:  #26073
   Points:|   Reviewer:
  Sponsor:|
--+--
 Building with Selfrando enabled for the Linux builds returns this error:

 {{{
  0:06.63 DEBUG: 
  0:06.63 DEBUG: | ++ for orig_path in '"${pathvar[@]}"'
  0:06.63 DEBUG: | ++ local orig_binary=/var/tmp/dist/binutils/bin/gcc
  0:06.63 DEBUG: | ++ [[ /var/tmp/dist/binutils/bin/gcc -ef
 /var/tmp/dist/selfrando/Tools/TorBrowser/tc-wrapper/gcc ]]
  0:06.63 DEBUG: | ++ true
  0:06.63 DEBUG: | ++ [[ -x /var/tmp/dist/binutils/bin/gcc ]]
  0:06.63 DEBUG: | ++ for orig_path in '"${pathvar[@]}"'
  0:06.63 DEBUG: | ++ local orig_binary=/var/tmp/dist/gcc/bin/gcc
  0:06.63 DEBUG: | ++ [[ /var/tmp/dist/gcc/bin/gcc -ef
 /var/tmp/dist/selfrando/Tools/TorBrowser/tc-wrapper/gcc ]]
  0:06.63 DEBUG: | ++ true
  0:06.63 DEBUG: | ++ [[ -x /var/tmp/dist/gcc/bin/gcc ]]
  0:06.63 DEBUG: | ++ echo /var/tmp/dist/gcc/bin/gcc
  0:06.63 DEBUG: | ++ break
  0:06.63 DEBUG: | + local orig_binary=/var/tmp/dist/gcc/bin/gcc
  0:06.63 DEBUG: | + exec /var/tmp/dist/gcc/bin/gcc
 -B/var/tmp/dist/selfrando/Tools/TorBrowser/tc-wrapper -ffunction-sections
 -fdata-sections -fPIC -std=gnu99 -B /var/tmp/build/firefox-d2fd026be23b
 /obj-x86_64-pc-linux-gnu/build/unix/gold -Wl,--version
  0:06.63 DEBUG: | collect2 version 6.4.0
  0:06.63 DEBUG: | /var/tmp/dist/selfrando/Tools/TorBrowser/tc-wrapper/ld
 -plugin /var/tmp/dist/gcc/libexec/gcc/x86_64-pc-linux-
 gnu/6.4.0/liblto_plugin.so -plugin-
 opt=/var/tmp/dist/gcc/libexec/gcc/x86_64-pc-linux-gnu/6.4.0/lto-wrapper
 -plugin-opt=-fresolution=/tmp/ccTz6FcR.res -plugin-opt=-pass-through=-lgcc
 -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-
 opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --eh-frame-hdr
 -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -pie
 /usr/lib/x86_64-linux-gnu/Scrt1.o /usr/lib/x86_64-linux-gnu/crti.o
 /var/tmp/dist/gcc/lib/gcc/x86_64-pc-linux-gnu/6.4.0/crtbeginS.o
 -L/var/tmp/dist/selfrando/Tools/TorBrowser/tc-wrapper -L/var/tmp/build
 /firefox-d2fd026be23b/obj-x86_64-pc-linux-gnu/build/unix/gold
 -L/var/tmp/dist/gcc/lib/gcc/x86_64-pc-linux-gnu/6.4.0
 -L/var/tmp/dist/gcc/lib/gcc/x86_64-pc-linux-gnu/6.4.0/../../../../lib64
 -L/lib/x86_64-linux-gnu -L/lib/../lib64 -L/usr/lib/x86_64-linux-gnu
 -L/var/tmp/dist/gcc/lib/gcc/x86_64-pc-linux-gnu/6.4.0/../../.. --version
 -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s
 --no-as-needed /var/tmp/dist/gcc/lib/gcc/x86_64-pc-linux-
 gnu/6.4.0/crtendS.o /usr/lib/x86_64-linux-gnu/crtn.o
  0:06.63 DEBUG: | collect2: fatal error: ld terminated with signal 6
 [Aborted]
  0:06.63 DEBUG: | compilation terminated.
  0:06.63 DEBUG: | Could not open output file: a.out
  0:06.63 DEBUG: | ld: src/Support/posix/Debug.cpp:36: void
 Error::printf(const char*, ...): Assertion `false' failed.
  0:06.63 ERROR: Command `/var/tmp/dist/selfrando/Tools/TorBrowser/tc-
 wrapper/gcc -std=gnu99 -B /var/tmp/build/firefox-d2fd026be23b/obj-x86_64
 -pc-linux-gnu/build/unix/gold -Wl,--version` failed with exit status 1.
  0:06.67 *** Fix above errors and then restart with\
  0:06.67"/usr/bin/make -f client.mk build"
  0:06.67 make: *** [configure] Error 1
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23846 [Core Tor/Tor]: Use libtool for building shared library

2018-05-21 Thread Tor Bug Tracker & Wiki 
#23846: Use libtool for building shared library
-+-
 Reporter:  hellais  |  Owner:  sbs
 Type:  enhancement  | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-mobile, s8-api,  |  Actual Points:
  034-triage-20180328 034-included-20180402 034  |
  -roadmap-subtask   |
Parent ID:  #25510   | Points:
 Reviewer:  ahf  |Sponsor:
 |  Sponsor8
-+-
Changes (by nickm):

 * milestone:  Tor: 0.3.4.x-final => Tor: 0.3.5.x-final


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26150 [Obfuscation/BridgeDB]: legacy bridge filtering code in bridgedb is suddenly hitting errors

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26150: legacy bridge filtering code in bridgedb is suddenly hitting errors
--+
 Reporter:  isis  |  Owner:  isis
 Type:  defect| Status:  closed
 Priority:  Immediate |  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  bridgedb-db   |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+
Changes (by isis):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 Fixed in my bug25150 branch.

 Oh also thanks to Tommy for pointing out the issue.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25483 [Obfuscation/Snowflake]: Windows reproducible build of snowflake

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25483: Windows reproducible build of snowflake
---+--
 Reporter:  arlolra|  Owner:  sukhbir
 Type:  project| Status:  assigned
 Priority:  High   |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords:  TorBrowserTeam201805   |  Actual Points:
Parent ID:  #19001 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by gk):

 Replying to [comment:36 sukhbir]:
 > Replying to [comment:34 gk]:
 > > That's reproducible on two different build machines for me. I worked
 around both errors on one of the machines my just getting rid of
 everything `webrtc` related and starting over in this regard. We should
 not need to do this, though. I therefore keep the second machine as-is for
 debugging purposes.
 >
 > Sorry, did you mean the errors you have are reproducible or the error I
 mentioned in #comment:24?

 I can reproduce the error in comment:34 on two different machines and
 that's what I meant.

 Over the weekend I tried to look more closely at it. So, updating to
 mingw-w64 `master` and GCC 6.4.0 does not help. Then I tried to build
 clang `master` and see whether we can verify the claim in comment:25 (and
 maybe be lucky because our bugs got fixed like last week :) ).

 I tried for a while to get the clang build going by setting
 `LLVM_FORCE_HEAD_REVISION` to `1`. It turns out that breaks the clang
 plugin compilation and other clang tools' compilation as well. Not
 compiling those gives a proper clang based on `master`, unfortunately
 requires the WebRTC build those missing clang tools.

 I then settled to use the latest prebuilt clang binaries (by messing with
 the `update.py` script (see:
 
https://chromium.googlesource.com/chromium/src/tools/clang/+/master/scripts/update.py))
 using rev 332335 which is just ca. 400 commit behind the latest one. I am
 still getting the same errors as in comment:24.

 I guess it's time to look at the symbols...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26152 [Core Tor/Tor]: Improve errors on crypto/openssl_version badness

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26152: Improve errors on crypto/openssl_version badness
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci, tor-testing, 034-roadmap-|  Actual Points:
  subtask, 034-triage-20180328,  |
  034-included-20180328  |
Parent ID:  #25549   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  assigned => needs_review


Comment:

 Please review `bug26152_035` -- PR at
 https://github.com/torproject/tor/pull/117

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26152 [Core Tor/Tor]: Improve errors on crypto/openssl_version badness

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26152: Improve errors on crypto/openssl_version badness
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:  Tor: 0.3.5.x-final
Component:  Core |Version:
  Tor/Tor|   Keywords:  tor-ci, tor-testing, 034-roadmap-
 Severity:  Normal   |  subtask, 034-triage-20180328,
 |  034-included-20180328
Actual Points:   |  Parent ID:  #25549
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 When these tests fail, they currently do so in an unhelpful way.  They
 should log the offending strings when the version strings don't match.

 Extracted from #25549.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25750 [Applications/Tor Launcher]: update Tor Launcher for ESR 60

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25750: update Tor Launcher for ESR 60
+--
 Reporter:  mcs |  Owner:  brade
 Type:  defect  | Status:
|  needs_revision
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Launcher   |Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201805  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by gk):

 Replying to [comment:35 sysrqb]:
 > Replying to [comment:33 gk]:
 > > commit 2e1e760a8393de281318e97ef44b2e89ba67879c
 > > "Gecko now requires "0o"-prefixed octal literals" <- Are you sure
 about that? Yes, the warning shows up in the browser console but the bug
 you are citing is already fixed in Firefox 48, yet Tor Browser 7 does not
 show the warning. Fixing the octals is good, though. I hunted a bit but
 finding the actual bug behind this change seems a bit tricky. I think we
 could just say "Fix deprecated octal literals" in the commit message and
 move on.
 >
 > The runtime now throws a syntax error:
 >
 > {{{
 > JavaScript error:
 
jar:file:///home/user/firefox/TorBrowser/Data/Browser/profile.default/extensions
 > /tor-launc...@torproject.org.xpi!/components/tl-process.js, line 1003:
 SyntaxError: "0"-prefixed octal
 >  literals and octal escape sequences are deprecated; for octal literals
 use the "0o" prefix instead
 > }}}
 >
 > But, I see 52ESR should throw the same error at runtime, so I'm not sure
 why TorLauncher and TorButton currently work.

 I would not worry too  much about that as long as the commit message
 reflects what we know. (Although I can feel the urge to find out what's
 up) :)

 > > commit 039bd44ce1a65bbc7bcacfa7a6b114b744a84b8f
 > >
 > > s/var loader/let loader/
 > > {{{
 > > +  TorLauncherLogger.log(5,"Ignoring invalid pref ending with a
 period: '" +
 > > }}}
 > > Whitspace between "," and "\"".
 > >
 >
 > I did this so the line length is less than 80 chars. If you prefer
 adding the space then we can move the format string onto the next line.

 Aha, I think we should have the same spacing requirements for all code and
 use a new line if that's indeed needed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25383 [Metrics/Website]: Deprecate stats.html and stats/*.csv files

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25383: Deprecate stats.html and stats/*.csv files
-+--
 Reporter:  karsten  |  Owner:  karsten
 Type:  enhancement  | Status:  needs_review
 Priority:  High |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Replying to [comment:23 dcf]:
 > Replying to [comment:13 karsten]:
 > > Here's another suggestion:
 > >
 > >  4. We provide 1 CSV file per graph that is parameterized by default
 and that can also be requested without any parameters. The link on the
 graph page would contain the same parameters as the graph, so that the CSV
 file content would be pretty close to what's shown in the graph. Except
 that the file might contain a few more columns. But the header would
 explain those columns. And the header would also say that it's possible to
 drop parameters to get more data for different parameter combinations of
 this graph.
 >
 > This plan works for me.

 Great, that's very good to know!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25594 [Obfuscation/Snowflake]: Broker: investigate non-domain-fronting secure client / proxy registrations

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25594: Broker: investigate non-domain-fronting secure client / proxy 
registrations
---+
 Reporter:  arlolra|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by dcf):

 #26151 is about using Amazon SQS.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26151 [Obfuscation/Snowflake]: Snowflake rendezvous using Amazon SQS

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26151: Snowflake rendezvous using Amazon SQS
---+
 Reporter:  dcf|  Owner:  (none)
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+
 Nathan Freitas suggests using
 [https://en.wikipedia.org/wiki/Amazon_Simple_Queue_Service Amazon Simple
 Queue Service] for exchanging rendezvous messages. "It supports
 programmatic sending of messages via web service applications as a way to
 communicate over the Internet."

 It looks like messages are relayed through URLs like
   https://queue.amazonaws.com/
   https://sqs.us-east-1.amazonaws.com/
   https://sqs.us-east-2.amazonaws.com/
   etc.

 [https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide
 /sqs-making-api-requests.html Here is an example of a SendMessage call]:
   !https://sqs.us-
 
east-2.amazonaws.com/123456789012/MyQueue?Action=SendMessage=Your%20message%20text=2012-11-05

 There's a [https://docs.aws.amazon.com/cli/latest/reference/sqs/index.html
 command-line interface].

 I'm not sure how you would send a message back to the client, and have it
 match up with the message the client sent initially. Maybe a separate
 queue per client?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25600 [Obfuscation/Snowflake]: Tor eventually hits "No running bridges" with Snowflake

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25600: Tor eventually hits "No running bridges" with Snowflake
---+--
 Reporter:  cypherpunks|  Owner:  (none)
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by dcf):

 * status:  reopened => needs_review


Comment:

 Replying to [comment:13 cypherpunks]:
 > Replying to [comment:12 dcf]:
 > > I have encountered this "No running bridges" problem too. I wonder if
 it happens when a snowflake proxy comes online but it behind a kind of
 NAT, or something, such that it can't actually do WebRTC.
 > I don't think that's the case since I almost always hit the fallback
 proxy (the 37... one) and this problem always happens when I use
 snowflake.
 >
 > But I think I finally nailed it: When I followed your suggestion to use
 `-log snowflake.log` I no longer had that problem (it's been a couple of
 hours now of testing, hopefully there will be no other surprise). So I
 think there's definitely some issue in the patch for #25471. This also
 confirms my results in comment:6 where I didn't have this problem with the
 earlier build of snowflake.

 My guess: tor is not reading from the client transport plugin's stderr
 pipe. In the absence of the `-log` option, snowflake-client writes log
 messages to stderr. Eventually the pipe buffer fills up, and snowflake-
 client hangs while writing a log message.

 The reason it didn't happen in earlier versions of snowflake-client is
 that earlier versions always logged to a file by default.
 [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/commit/?id=12922a232ba63bd8d94c92ced32e23aa2fb055ed
 12922a232b] made it log to stderr by default and added a `-log` option.
 The change would have happened in Tor Browser 8.0a5, because that's when
 #21312 caused an upgrade to the version of snowflake-client that doesn't
 log by default.

 Why this affects snowflake and not other PTs: probably just because
 snowflake-client writes more to the log (because of #25429 and other
 causes). Other PTs are probably affected; they just don't fill up the pipe
 buffer as fast.

 Could you try this patch for snowflake-client?
 {{{
 --- a/client/snowflake.go
 +++ b/client/snowflake.go
 @@ -150,6 +150,8 @@ func main() {
 }
 defer logFile.Close()
 log.SetOutput(logFile)
 +   } else {
 +   log.SetOutput(ioutil.Discard)
 }

 log.Println("\n\n\n --- Starting Snowflake Client ---")
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26150 [Obfuscation/BridgeDB]: legacy bridge filtering code in bridgedb is suddenly hitting errors

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26150: legacy bridge filtering code in bridgedb is suddenly hitting errors
--+--
 Reporter:  isis  |  Owner:  isis
 Type:  defect| Status:  assigned
 Priority:  Immediate |  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:
 Keywords:  bridgedb-db   |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+--
Description changed by isis:

Old description:

> {{{
> 18:11:46 DEBUGL227:bridgerequest.justOneP() No pluggable transports
> were requested.
> [57/671]
> 18:11:46 INFO L250:bridgerequest.generate() Adding a filter to
> HTTPSBridgeRequest for 185.220.101.13 for IPv4 bridges...
> 18:11:46 INFO L300:distributor.getBridges() Attempting to get bridges
> for 185.220.101.13...
> 18:11:46 DEBUGL159:distributor.getSubnet()  Client IP was within
> area: 185.220.0.0/16
> 18:11:46 DEBUG L44:filters.bySubring()  Creating a filter for
> assigning bridges to subhashring 2-of-3...
> 18:11:46 DEBUGL325:distributor.getBridges() Client request within
> time interval: 1526925600
> 18:11:46 DEBUGL326:distributor.getBridges() Assigned client to
> subhashring 2/3
> 18:11:46 DEBUGL327:distributor.getBridges() Assigned client to
> subhashring position: 726333b07ff8c62f7e44178f1b2153f28d953199
> 18:11:46 DEBUGL328:distributor.getBridges() Total bridges: 1540
> 18:11:46 DEBUGL329:distributor.getBridges() Bridge filters:
> bySubring2of3 byIPv4()
> 18:11:46 DEBUGL333:distributor.getBridges() Cache hit
> frozenset([,  at 0x7f267727ce60>])
> 18:11:46 DEBUGL269:distribute.bridgesPerR() Returning 3 bridges from
> ring of len: 508
> 18:11:46 DEBUGL330:Bridges.getBridges() Got duplicate bridge
> '72eaf88f51eaa96e2f4cab6fc360333b598ae19b' in main hashring for position
> '726333b07ff8c62f7e44178f1b2153f28d953199'.
> 18:11:46 DEBUGL275:Bridges.filterDistinct() Got 7 possible bridges to
> filter
> 18:11:46 ERRORL862:server.render()  'NoneType' object has no
> attribute 'version'
> Traceback (most recent call last):
>   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
> packages/bridgedb-0.6.5+0.gd9741cf.dirty-
> py2.7.egg/bridgedb/distributors/https/server.py", line 860, in render
> response = self.getBridgeRequestAnswer(request)
>   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
> packages/bridgedb-0.6.5+0.gd9741cf.dirty-
> py2.7.egg/bridgedb/distributors/https/server.py", line 904, in
> getBridgeRequestAnswer
> bridges = self.distributor.getBridges(bridgeRequest, interval)
>   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
> packages/bridgedb-0.6.5+0.gd9741cf.dirty-
> py2.7.egg/bridgedb/distributors/https/distributor.py", line 345, in
> getBridges
> answer = ring.getBridges(position, returnNum, filterBySubnet=True)
>   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
> packages/bridgedb-0.6.5+0.gd9741cf.dirty-py2.7.egg/bridgedb/Bridges.py",
> line 334, in getBridges
> bridges = self.filterDistinctSubnets(keys)
> File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
> packages/bridgedb-0.6.5+0.gd9741cf.dirty-py2.7.egg/bridgedb/Bridges.py",
> line 295, in filterDistinctSubnets
> if bridge.address.version == 4:
> AttributeError: 'NoneType' object has no attribute 'version'
> }}}

New description:

 {{{
 18:11:46 DEBUG L44:filters.bySubring()  Creating a filter for
 assigning bridges to subhashring 2-of-3...
 18:11:46 DEBUGL325:distributor.getBridges() Client request within time
 interval: 1526925600
 18:11:46 DEBUGL326:distributor.getBridges() Assigned client to
 subhashring 2/3
 18:11:46 DEBUGL327:distributor.getBridges() Assigned client to
 subhashring position: 726333b07ff8c62f7e44178f1b2153f28d953199
 18:11:46 DEBUGL328:distributor.getBridges() Total bridges: 1540
 18:11:46 DEBUGL329:distributor.getBridges() Bridge filters:
 bySubring2of3 byIPv4()
 18:11:46 DEBUGL333:distributor.getBridges() Cache hit
 frozenset([, ])
 18:11:46 DEBUGL269:distribute.bridgesPerR() Returning 3 bridges from
 ring of len: 508
 18:11:46 DEBUGL330:Bridges.getBridges() Got duplicate bridge
 '72eaf88f51eaa96e2f4cab6fc360333b598ae19b' in main hashring for position
 '726333b07ff8c62f7e44178f1b2153f28d953199'.
 18:11:46 DEBUGL275:Bridges.filterDistinct() Got 7 possible bridges to
 filter
 18:11:46 ERRORL862:server.render()  'NoneType' object has no
 attribute 'version'
 Traceback (most recent call last):
   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-
 py2.7.egg/bridgedb/distributors/https/server.py", line 860, in render
 response =

Re: [tor-bugs] #26150 [Obfuscation/BridgeDB]: legacy bridge filtering code in bridgedb is suddenly hitting errors

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26150: legacy bridge filtering code in bridgedb is suddenly hitting errors
--+--
 Reporter:  isis  |  Owner:  isis
 Type:  defect| Status:  assigned
 Priority:  Immediate |  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:
 Keywords:  bridgedb-db   |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+--

Comment (by isis):

 Another similar error:

 {{{
 18:12:57 DEBUGL325:distributor.getBridges() Client request within time
 interval: 1526925600
 18:12:57 DEBUGL326:distributor.getBridges() Assigned client to
 subhashring 1/3
 18:12:57 DEBUGL327:distributor.getBridges() Assigned client to
 subhashring position: 69107a415542eb9381ae06bd4f6defdcf75a03ce
 18:12:57 DEBUGL328:distributor.getBridges() Total bridges: 1540
 18:12:57 DEBUGL329:distributor.getBridges() Bridge filters:
 byTransportNotBlockedIn(None,de,4) bySubring1of3
 18:12:57 DEBUGL333:distributor.getBridges() Cache hit
 frozenset([, ])
 18:12:57 DEBUGL269:distribute.bridgesPerR() Returning 3 bridges from
 ring of len: 508
 18:12:57 DEBUGL330:Bridges.getBridges() Got duplicate bridge
 '69d52c45d370ad3ee685206c06c5683aff962d78' in main hashring for position
 '69107a415542eb9381ae06bd4f6defdcf75a03ce'.
 18:12:57 DEBUGL275:Bridges.filterDistinct() Got 7 possible bridges to
 filter
 18:12:57 ERRORL862:server.render()  'NoneType' object has no
 attribute '_version'
 Traceback (most recent call last):
 File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-
 py2.7.egg/bridgedb/distributors/https/server.py", line 860, in render
 response = self.getBridgeRequestAnswer(request)
   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-
 py2.7.egg/bridgedb/distributors/https/server.py", line 904, in
 getBridgeRequestAnswer   bridges =
 self.distributor.getBridges(bridgeRequest, interval)
 File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-
 py2.7.egg/bridgedb/distributors/https/distributor.py", line 345, in
 getBridges
 answer = ring.getBridges(position, returnNum, filterBySubnet=True)
   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-py2.7.egg/bridgedb/Bridges.py",
 line 334, in getBridges
 bridges = self.filterDistinctSubnets(keys)
   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-py2.7.egg/bridgedb/Bridges.py",
 line 284, in filterDistinctSubnets
 if bridge.address in subnet:
   File "/home/bridgedb/virtualenvs/bridgedb/lib/python2.7/site-
 packages/ipaddr.py", line 637, in __contains__
 if self._version != other._version:
 AttributeError: 'NoneType' object has no attribute '_version'
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25985 [Obfuscation/Snowflake]: Snowflake rendezvous using AMP cache (was: Add AMP cache as another domain fronting option with Google)

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25985: Snowflake rendezvous using AMP cache
---+--
 Reporter:  twim   |  Owner:  (none)
 Type:  project| Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26150 [Obfuscation/BridgeDB]: legacy bridge filtering code in bridgedb is suddenly hitting errors

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26150: legacy bridge filtering code in bridgedb is suddenly hitting errors
--+-
 Reporter:  isis  |  Owner:  isis
 Type:  defect| Status:  assigned
 Priority:  Immediate |  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal|   Keywords:  bridgedb-db
Actual Points:|  Parent ID:
   Points:  1 |   Reviewer:
  Sponsor:|
--+-
 {{{
 18:11:46 DEBUGL227:bridgerequest.justOneP() No pluggable transports
 were requested.
 [57/671]
 18:11:46 INFO L250:bridgerequest.generate() Adding a filter to
 HTTPSBridgeRequest for 185.220.101.13 for IPv4 bridges...
 18:11:46 INFO L300:distributor.getBridges() Attempting to get bridges
 for 185.220.101.13...
 18:11:46 DEBUGL159:distributor.getSubnet()  Client IP was within area:
 185.220.0.0/16
 18:11:46 DEBUG L44:filters.bySubring()  Creating a filter for
 assigning bridges to subhashring 2-of-3...
 18:11:46 DEBUGL325:distributor.getBridges() Client request within time
 interval: 1526925600
 18:11:46 DEBUGL326:distributor.getBridges() Assigned client to
 subhashring 2/3
 18:11:46 DEBUGL327:distributor.getBridges() Assigned client to
 subhashring position: 726333b07ff8c62f7e44178f1b2153f28d953199
 18:11:46 DEBUGL328:distributor.getBridges() Total bridges: 1540
 18:11:46 DEBUGL329:distributor.getBridges() Bridge filters:
 bySubring2of3 byIPv4()
 18:11:46 DEBUGL333:distributor.getBridges() Cache hit
 frozenset([, ])
 18:11:46 DEBUGL269:distribute.bridgesPerR() Returning 3 bridges from
 ring of len: 508
 18:11:46 DEBUGL330:Bridges.getBridges() Got duplicate bridge
 '72eaf88f51eaa96e2f4cab6fc360333b598ae19b' in main hashring for position
 '726333b07ff8c62f7e44178f1b2153f28d953199'.
 18:11:46 DEBUGL275:Bridges.filterDistinct() Got 7 possible bridges to
 filter
 18:11:46 ERRORL862:server.render()  'NoneType' object has no
 attribute 'version'
 Traceback (most recent call last):
   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-
 py2.7.egg/bridgedb/distributors/https/server.py", line 860, in render
 response = self.getBridgeRequestAnswer(request)
   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-
 py2.7.egg/bridgedb/distributors/https/server.py", line 904, in
 getBridgeRequestAnswer
 bridges = self.distributor.getBridges(bridgeRequest, interval)
   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-
 py2.7.egg/bridgedb/distributors/https/distributor.py", line 345, in
 getBridges
 answer = ring.getBridges(position, returnNum, filterBySubnet=True)
   File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-py2.7.egg/bridgedb/Bridges.py",
 line 334, in getBridges
 bridges = self.filterDistinctSubnets(keys)
 File "/home/bridgedb/virtualenvs/bridgedb/local/lib/python2.7/site-
 packages/bridgedb-0.6.5+0.gd9741cf.dirty-py2.7.egg/bridgedb/Bridges.py",
 line 295, in filterDistinctSubnets
 if bridge.address.version == 4:
 AttributeError: 'NoneType' object has no attribute 'version'
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25750 [Applications/Tor Launcher]: update Tor Launcher for ESR 60

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25750: update Tor Launcher for ESR 60
+--
 Reporter:  mcs |  Owner:  brade
 Type:  defect  | Status:
|  needs_revision
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Launcher   |Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201805  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by sysrqb):

 Replying to [comment:33 gk]:
 > Some comments (just nits):
 >
 > commit 785568d05b12f819a29b90c2dcd4e55b821a2047:
 > Any reason why the `minVersion` for Fennec is 45 and not 52? (I am fine
 with leaving the patch you have given that we are not really enforcing 52
 for desktop either, just curious)

 No, I don't remember why I chose that. Good question.

 >
 > commit 2e1e760a8393de281318e97ef44b2e89ba67879c
 > "Gecko now requires "0o"-prefixed octal literals" <- Are you sure about
 that? Yes, the warning shows up in the browser console but the bug you are
 citing is already fixed in Firefox 48, yet Tor Browser 7 does not show the
 warning. Fixing the octals is good, though. I hunted a bit but finding the
 actual bug behind this change seems a bit tricky. I think we could just
 say "Fix deprecated octal literals" in the commit message and move on.

 The runtime now throws a syntax error:

 {{{
 JavaScript error:
 
jar:file:///home/user/firefox/TorBrowser/Data/Browser/profile.default/extensions
 /tor-launc...@torproject.org.xpi!/components/tl-process.js, line 1003:
 SyntaxError: "0"-prefixed octal
  literals and octal escape sequences are deprecated; for octal literals
 use the "0o" prefix instead
 }}}

 But, I see 52ESR should throw the same error at runtime, so I'm not sure
 why TorLauncher and TorButton currently work.

 >
 > You are using "Bug XXX" and "bug XXX" for referencing Mozilla
 bugs within a sentence. I think you should stick to one format and the
 latter is the better one.

 Agreed, I'll change this.

 >
 > commit 039bd44ce1a65bbc7bcacfa7a6b114b744a84b8f
 >
 > s/var loader/let loader/
 > {{{
 > +  TorLauncherLogger.log(5,"Ignoring invalid pref ending with a
 period: '" +
 > }}}
 > Whitspace between "," and "\"".
 >

 I did this so the line length is less than 80 chars. If you prefer adding
 the space then we can move the format string onto the next line.

 > You want to have pairwise "'" but are forgetting sometimes the closing
 one.

 I'll review this and confirm there are matching quotes.

 >
 > commit 3f2936d1323c36d1882b81ab155bf9fd48e27a37
 >
 > The indentation of the new code block is off by one.

 I'll change this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26149 [Applications/Quality Assurance and Testing]: Add some ansible roles for tor browser testsuite setup

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26149: Add some ansible roles for tor browser testsuite setup
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:   |Version:
  Applications/Quality Assurance |
  and Testing|   Keywords:  boklm201805,
 Severity:  Normal   |  TorBrowserTeam201805
Actual Points:   |  Parent ID:  #21404
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 We should add to `tor-browser-build/tools/ansible` some ansible roles to
 setup VMs for running the tor browser testsuite.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25277 [Core Tor/Tor]: Summarise the format of v3 hidden service addresses in the Tor man page

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25277: Summarise the format of v3 hidden service addresses in the Tor man page
-+-
 Reporter:  ageisp0lis   |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.2.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  prop224, tor-hs, tor-doc,|  Actual Points:
  034-triage-20180328, 034-removed-20180328  |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 regex for v3 {{{^[a-z2-7]{55}d\.onion$}}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16472 [Applications/Tor Browser]: Upgrade Binutils to 2.25+ for Tor Browser builds

2018-05-21 Thread Tor Bug Tracker & Wiki 
#16472: Upgrade Binutils to 2.25+ for Tor Browser builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, boklm201805,|  Actual Points:
  TorBrowserTeam201805R  |
Parent ID:  #12968   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  tbb-rbm, boklm201805, TorBrowserTeam201805 => tbb-rbm,
 boklm201805, TorBrowserTeam201805R
 * status:  needs_information => needs_review


Comment:

 Commit `d96fc6ca36f6a0b13e8d41749c62fd50c0edab06` in branch
 `bug_16472_v12` is updating binutils to 2.26.1, with the patch from
 binutils commit `13e570f80cbfb299a8858ce6830e91a6cb40ab7b` reverted for
 the Windows builds:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_16472_v12=d96fc6ca36f6a0b13e8d41749c62fd50c0edab06

 I checked that the Linux and Windows builds are reproducible on 2
 different machines, and that they are running correctly.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16472 [Applications/Tor Browser]: Upgrade Binutils to 2.25+ for Tor Browser builds

2018-05-21 Thread Tor Bug Tracker & Wiki 
#16472: Upgrade Binutils to 2.25+ for Tor Browser builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, boklm201805,|  Actual Points:
  TorBrowserTeam201805   |
Parent ID:  #12968   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 Replying to [comment:82 gk]:
 > I am fine using 2.26.1 with the revert for now I think. Anything better
 than 2.24, because we want to have #12968 fixed for Win64 bundles.

 Ok, I think we can use this ticket for the update to binutils 2.26.1, and
 I opened #26148 for the issue with binutils > 2.26.1.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26148 [Applications/Tor Browser]: Update binutils to a version more recent than 2.26.1

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26148: Update binutils to a version more recent than 2.26.1
-+-
 Reporter:  boklm|  Owner:  tbb-team
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-rbm, boklm201805,
 Severity:  Normal   |  TorBrowserTeam201805
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 In #16472 we are updating binutils to 2.26.1. We are not updating it to a
 more recent version due to an issue with reproducible builds on Windows
 with later binutils versions.

 The issue seems to be caused by binutils commit
 `13e570f80cbfb299a8858ce6830e91a6cb40ab7b` (which we revert in #16472).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26054 [Applications/Tor Browser]: Make sure to create incrementals from previously signed MAR files

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26054: Make sure to create incrementals from previously signed MAR files
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, boklm201805,|  Actual Points:
  TorBrowserTeam201805R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  tbb-rbm => tbb-rbm, boklm201805, TorBrowserTeam201805R
 * status:  new => needs_review


Comment:

 There is a patch for this in branch `bug_26054`:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_26054=b2de50ce48755190259c7d274c6ce65317ccb0b1

 This branch is based on the commit for #26059, so it will have to be
 rebased if #26059 needs some revision.

 I checked that if one of the osx64 mar files from the previous version is
 not code-signed, it fails with an error.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26147 [Applications/Tor Browser]: Information leaks with automatic searching via URL bar.

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26147: Information leaks with automatic searching via URL bar.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by Dbryrtfbcbhgf):

 * owner:  (none) => tbb-team
 * component:  - Select a component => Applications/Tor Browser


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26147 [- Select a component]: Information leaks with automatic searching via URL bar.

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26147: Information leaks with automatic searching via URL bar.
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 Or it could be like the black strip that appears when you maximize the tor
 browser.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25895 [Core Tor/Tor]: Cross-compiling tor rust for Windows is broken

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25895: Cross-compiling tor rust for Windows is broken
-+-
 Reporter:  gk   |  Owner:  Hello71
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  rust, 034-proposed, tbb-wants,   |  Actual Points:
  033-backport, 034-roadmap-proposed |
Parent ID:  #25849   | Points:
 Reviewer:  catalyst |Sponsor:
-+-
Changes (by asn):

 * reviewer:   => catalyst


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26121 [Core Tor/Tor]: BUILDTIMEOUT_SET totals are still off

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26121: BUILDTIMEOUT_SET totals are still off
--+
 Reporter:  mikeperry |  Owner:  mikeperry
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  asn   |Sponsor:
--+
Changes (by asn):

 * reviewer:   => asn


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26116 [Core Tor/Tor]: OpenSSL 1.1.1 changed the semantics of the password callback return value

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26116: OpenSSL 1.1.1 changed the semantics of the password callback return 
value
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  029-backport 031-backport|  Actual Points:
  032-backport 033-backport  |
Parent ID:   | Points:
 Reviewer:  catalyst |Sponsor:
-+-
Changes (by asn):

 * reviewer:   => catalyst


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26101 [Core Tor/Tor]: Update cov-diff script to understand * character

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26101: Update cov-diff script to understand * character
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  ahf   |Sponsor:
--+
Changes (by asn):

 * reviewer:   => ahf


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26102 [Core Tor/Tor]: Update cov-diff script to remove extraneous timestamp info

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26102: Update cov-diff script to remove extraneous timestamp info
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  ahf   |Sponsor:
--+
Changes (by asn):

 * reviewer:   => ahf


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26038 [Core Tor/Tor]: Misc Rust/Cargo improvements (incl. use global cargo cache)

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26038: Misc Rust/Cargo improvements (incl. use global cargo cache)
--+
 Reporter:  Hello71   |  Owner:  Hello71
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  rust  |  Actual Points:
Parent ID:| Points:
 Reviewer:  isis  |Sponsor:
--+
Changes (by asn):

 * reviewer:   => isis


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25886 [Core Tor/Tor]: Have frac_nodes_with_descriptors() take and use for_direct_connect

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25886: Have frac_nodes_with_descriptors() take and use for_direct_connect
-+-
 Reporter:  nickm|  Owner:  neel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bridge-client, tor-guard,|  Actual Points:
  bootstrap  |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by asn):

 * reviewer:   => dgoulet


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16824 [Core Tor/Tor]: Emit a warning message about side channel leaks when using relays as clients

2018-05-21 Thread Tor Bug Tracker & Wiki 
#16824: Emit a warning message about side channel leaks when using relays as
clients
-+-
 Reporter:  starlight|  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.6.10
 Severity:  Normal   | Resolution:
 Keywords:  mike-can, tor-client tor-relay   |  Actual Points:
  sidechannel logging easy   |
Parent ID:   | Points:  1
 Reviewer:  mikeperry|Sponsor:
-+-
Changes (by asn):

 * reviewer:   => mikeperry


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25821 [Core Tor/Stem]: Stem getconf cache doesn't clear for CONF_CHANGED events; probably should set value

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25821: Stem getconf cache doesn't clear for CONF_CHANGED events; probably 
should
set value
---+
 Reporter:  dmr|  Owner:  dmr
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  controller |  Actual Points:
Parent ID: | Points:
 Reviewer:  atagar |Sponsor:
---+

Comment (by dmr):

 Hey Damian, the merge //functionally// looks good, but the commit message
 mentions the wrong ticket (#17873); see
 
[[https://gitweb.torproject.org/stem.git/commit/?id=fd5f1cd120fce96c8a4a58de2ea277b4337e899c|gitweb]].

 Not sure how you want to handle this, if at all. My commits referenced the
 Trac number in them and the changelog has it too, so the history is still
 fairly clear. Maybe add a `git commit --allow-empty` commit afterwards
 with just a message?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26147 [- Select a component]: Information leaks with automatic searching via URL bar.

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26147: Information leaks with automatic searching via URL bar.
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 In the Tor browser, if you enter a malformed URL, it immediately thinks
 it's a search query and pushes that malformed URL over to the assigned
 default search (DDG, Startpage, etc)

 This is a type of information leak.

 It would be better if a malformed URL is entered and you press Enter,
 you're asked if you are sure you want to search for this or not.

 It could be in a strip appears under the URL bar, like the strip that
 appears when you first run the Tor browser for the first time asking about
 the default configuration, or a popup from the URL bar, like the enable
 canvas or enable notification popups.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gilbertoblue):

 I found the Event Viewer, but I don't see any references to TOR

 Am I looking in the wrong place?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25383 [Metrics/Website]: Deprecate stats.html and stats/*.csv files

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25383: Deprecate stats.html and stats/*.csv files
-+--
 Reporter:  karsten  |  Owner:  karsten
 Type:  enhancement  | Status:  needs_review
 Priority:  High |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by dcf):

 Replying to [comment:13 karsten]:
 > Here's another suggestion:
 >
 >  4. We provide 1 CSV file per graph that is parameterized by default and
 that can also be requested without any parameters. The link on the graph
 page would contain the same parameters as the graph, so that the CSV file
 content would be pretty close to what's shown in the graph. Except that
 the file might contain a few more columns. But the header would explain
 those columns. And the header would also say that it's possible to drop
 parameters to get more data for different parameter combinations of this
 graph.

 This plan works for me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25960 [Core Tor/Tor]: Allow additional header lines in bandwidth measurements documents

2018-05-21 Thread Tor Bug Tracker & Wiki 
#25960: Allow additional header lines in bandwidth measurements documents
-+-
 Reporter:  juga |  Owner:  juga
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  035-proposed, bwauth, 034-backport,  |  Actual Points:
  029-backport, 031-backport, 032-backport,  |
  033-backport   |
Parent ID:  #25925   | Points:
 Reviewer:  asn  |Sponsor:
-+-
Changes (by asn):

 * status:  needs_review => needs_revision


Comment:

 Putting to needs_revision because of comments in #25947.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

2018-05-21 Thread Tor Bug Tracker & Wiki 
#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201805   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by asn):

 Replying to [comment:45 pospeselr]:
 >
 > It's easy enough to add/modify text here, but the question is **what**
 text to put here?  Preferably something succinct I think (so that it can
 be added as an addendum to HTTPS Onion services as well).
 >
 > Any thoughts on this?

 How about starting with something simple like `Connection encrypted via
 onion services` or `Connection encrypted using onion services`?

 I know it doesn't specify the actual ciphers like the `HTTPS Onion` page,
 but perhaps we don't need to be perfect from the beginning. If we want to
 specify ciphers we need to distniguish between v2 and v3 and list the
 right ciphers for each one. Let me know if you want to do that.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16824 [Core Tor/Tor]: Emit a warning message about side channel leaks when using relays as clients

2018-05-21 Thread Tor Bug Tracker & Wiki 
#16824: Emit a warning message about side channel leaks when using relays as
clients
-+-
 Reporter:  starlight|  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.6.10
 Severity:  Normal   | Resolution:
 Keywords:  mike-can, tor-client tor-relay   |  Actual Points:
  sidechannel logging easy   |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-

Comment (by starlight):

 Possibly logic from #26062 can be used to decide when to issue a warning.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gilbertoblue):

 where is the Event viewer?  I've seen it, but it is NOT a control panel
 item.  Looked in System, but didn't see it

 there is no evidence that I am using MinGW, I have never even heard of it

 thanks again

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 You can look at [https://www.howto-connect.com/event-viewer-on-windows-10/
 Event viewer (Applications Log)] for system report about failed
 application.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26136 [Core Tor/Tor]: DirPort reachability test inconsistency when only "DirPort x.x.x.x:x NoAdvertise" configured

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26136: DirPort reachability test inconsistency when only "DirPort x.x.x.x:x
NoAdvertise" configured
--+
 Reporter:  starlight |  Owner:  (none)
 Type:  defect| Status:
  |  needs_information
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor:
  |  0.3.4.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  regression-maybe, 034-must-maybe  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by starlight):

 For emphasis:

 Appears this bug require a non-routeable and/or non-reachable NoAdvertise
 DirPort address.  If the NoAdvertise address is reachable the test might
 succeed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26136 [Core Tor/Tor]: DirPort reachability test inconsistency when only "DirPort x.x.x.x:x NoAdvertise" configured

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26136: DirPort reachability test inconsistency when only "DirPort x.x.x.x:x
NoAdvertise" configured
--+
 Reporter:  starlight |  Owner:  (none)
 Type:  defect| Status:
  |  needs_information
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor:
  |  0.3.4.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  regression-maybe, 034-must-maybe  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by starlight):

 A quick review of 0.3.4 code reveals the bug appears subtle, and likely to
 be present in prior releases.

 The flag DirPort_set in or.h determines whether DirPort self-checking
 should occur.  The test-circuit launch is attempted but results in "exit
 point is not known" because the NoAdvertise address is a non-routable
 address and/or because it does not match the relay descriptor public
 addresses, is not present in the descriptor.

 DirPort_set does not consider NoAdvertise.  For this to work correctly
 some logic examining NoAdvertise is required and none is evident.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 > MinGW code - What is this?
 https://en.wikipedia.org/wiki/MinGW
 (I'm random person)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gilbertoblue):

 1) you didn't specifically indicate that I am running any AntiVirus code
 2) so you are saying my TOR problems, are REALLY a Windows problem??  I
 have never had this problem before.  I also have never seen the claim
 before that Windows causes specific TOR problems
 3) MinGW code  -  What is this?

 Please answer my question about the location of the file that receives TOR
 errors.  If you can't answer this question, then it seems we are
 completely lost

 thanks for your help

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 #20904 #22456 #23994 #24619 #25133 #25868
 > I have been programming for 35 years, I know how these things happen
 sometimes
 Your total burn crash is about Windows, Antivirus, MinGW code.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24629 [Core Tor/Tor]: Activate osx builds on travis, at low priority

2018-05-21 Thread Tor Bug Tracker & Wiki 
#24629: Activate osx builds on travis, at low priority
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  not-just-linux, tor-ci, teor-was-|  Actual Points:
  assigned, 034-triage-20180328, |
  034-removed-20180328 034-backport  |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:
 not-just-linux, tor-ci, teor-was-assigned, 034-triage-20180328,
 034-removed-20180328
 =>
 not-just-linux, tor-ci, teor-was-assigned, 034-triage-20180328,
 034-removed-20180328 034-backport


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20424 [Core Tor/Tor]: Remove --enable-openbsd-malloc (Tor maxes CPU when --enable-openbsd-malloc is used)

2018-05-21 Thread Tor Bug Tracker & Wiki 
#20424: Remove --enable-openbsd-malloc (Tor maxes CPU when 
--enable-openbsd-malloc
is used)
-+-
 Reporter:  icanhasaccount   |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Minor| Resolution:
 Keywords:  review-group-31, |  Actual Points:
  034-triage-20180328, fast-fix  |
Parent ID:   | Points:  .2
 Reviewer:  nickm|Sponsor:
-+-

Comment (by Hello71):

 additionally, starting with 5, jemalloc now uses extent based allocation,
 so from what I understand, ASLR will be just as good as with other
 allocators.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26142 [Core Tor/Tor]: replace uses of U64_* and I64_* macros with their C99 stdint.h or inttypes.h equivalents

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26142: replace uses of U64_* and I64_* macros with their C99 stdint.h or
inttypes.h equivalents
-+
 Reporter:  catalyst |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  technical-debt, cleanup  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by nickm):

 +1.  And also see macros in torint.h.

 An ideal patch here would be a script-generated one, to make it easier to
 audit.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gilbertoblue):

 assumptions?  I have given you the facts.  That first image that I
 included should be enough to roughly diagnose the problem, even beyond the
 troubleshooting tips

 2) time zone is correct
 3) no other TOR in task list
 4) I found a task called "Antimalware Service Executable".  I can't
 terminate it, even though I am an admin.  I don't know what this is, a
 windows process?.  I am definitely NOT running Kapersky

 I am very sorry that my experiences with tech support have routinely
 required me to ask for more experienced personnel, but that is absolutely
 true.  I had no way of knowing who you are, but now I know, so that's all
 good

 I'm not convinced that I am running any anti virus software, but perhaps
 my response to 4) does indicate such.  Not an expert, but it seems
 possible that TOR should be able to recognize problems from anti virus
 software, and then specifically indicate this.  Without question, TOR
 should be able to identify the specific point of failure, and this should
 be logged

 Once again, where else are TOR problems logged?  Copy to Clipboard does
 NOTHING.  It has to be true that it is all logged to a file as well

 thanks once again

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20424 [Core Tor/Tor]: Remove --enable-openbsd-malloc (Tor maxes CPU when --enable-openbsd-malloc is used)

2018-05-21 Thread Tor Bug Tracker & Wiki 
#20424: Remove --enable-openbsd-malloc (Tor maxes CPU when 
--enable-openbsd-malloc
is used)
-+-
 Reporter:  icanhasaccount   |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Minor| Resolution:
 Keywords:  review-group-31, |  Actual Points:
  034-triage-20180328, fast-fix  |
Parent ID:   | Points:  .2
 Reviewer:  nickm|Sponsor:
-+-

Comment (by Hello71):

 I asked Firefox people and they said that Firefox uses "jemalloc for
 Windows/Mac/Linux/Android, system malloc on iOS".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26133 [Webpages/Website]: Add OnionBrowser to TorProject.org/download redesigned page

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26133: Add OnionBrowser to TorProject.org/download redesigned page
--+--
 Reporter:  Dbryrtfbcbhgf |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  website redesign
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Dbryrtfbcbhgf):

 Replying to [comment:4 cypherpunks]:
 > But OnionBrowser has nothing to do with the Tor Browser, i.e. it doesn't
 have the same level of fingerprinting resistance also it leaks leaks leaks
 more than wikileaks, so putting it side by side with other Tor Browser
 builds is misleading I think to the visitors.
  A disclaimer/warning can be added so that user fully understands the
 possible risk.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24629 [Core Tor/Tor]: Activate osx builds on travis, at low priority

2018-05-21 Thread Tor Bug Tracker & Wiki 
#24629: Activate osx builds on travis, at low priority
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  not-just-linux, tor-ci, teor-was-|  Actual Points:
  assigned, 034-triage-20180328, |
  034-removed-20180328   |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * milestone:  Tor: unspecified => Tor: 0.3.5.x-final


Comment:

 Travis has recently upgraded its macOS builders, so we should try enabling
 macOS again:
 https://blog.travis-ci.com/2018-01-30-macos-update

 This should only take an hour or two to rebase onto master and test.

 Putting this in 0.3.5, because a lack of macOS CI is holding up tickets
 like #17949.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26059 [Applications/Tor Browser]: Use mar files from the signed directory when generating incremental mars

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26059: Use mar files from the signed directory when generating incremental mars
-+-
 Reporter:  boklm|  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, boklm201805,|  Actual Points:
  TorBrowserTeam201805R  |
Parent ID:  #23657   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  tbb-rbm, boklm201805, TorBrowserTeam201805 => tbb-rbm,
 boklm201805, TorBrowserTeam201805R
 * status:  new => needs_review


Comment:

 There is a patch for this in branch `bug_26059_v3`:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_26059_v3=a1abee7050f09abf04e4e319841202d7b80c637d

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17569 [Applications/Tor Browser]: Add uBlock Origin to the Tor Browser

2018-05-21 Thread Tor Bug Tracker & Wiki 
#17569: Add uBlock Origin to the Tor Browser
-+-
 Reporter:  kernelcorn   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability tbb-security, tbb- |  Actual Points:
  performance|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  invalid =>


Comment:

 Replying to [comment:48 cypherpunks]:
 > Adding an add-on which make internet connection in background is against
 Tor Browser's design.
 > Write a concrete proposal and attach to this ticket before you reopen
 this.
 So let's remove HTTPS Everywhere as well since it makes connections to get
 ruleset updates? There are valid reasons to be against uBO in the Tor
 Browser, but this one isn't among them.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26136 [Core Tor/Tor]: DirPort reachability test inconsistency when only "DirPort x.x.x.x:x NoAdvertise" configured

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26136: DirPort reachability test inconsistency when only "DirPort x.x.x.x:x
NoAdvertise" configured
--+
 Reporter:  starlight |  Owner:  (none)
 Type:  defect| Status:
  |  needs_information
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor:
  |  0.3.4.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  regression-maybe, 034-must-maybe  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by teor):

 We still need to answer these questions to prioritise this ticket:

 > Does this config work with Tor 0.3.3?
 > Does it work with Tor 0.2.9?
 > (If it does, we must fix this regression before 0.3.4 stable. If it has
 been a bug for a long time, maybe it can wait.)

 The following minimal config should reproduce this issue:
 {{{
 tor DirPort "9030 NoAdvertise"
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by teor):

 Replying to [comment:5 gilbertoblue]:
 > 2) my computer clock is totally correct

 Please check your timezone, if you haven't already.

 > 3) of course there is NOT another instance of Tor running

 Please check the process list, if you haven't already.

 > 4) i have never had a problem with Tor and an antivirus program

 Antivirus programs regularly identify Tor as malicious, because it is
 sometimes bundled with malware. This can happen due to a signature update.
 And it can disappear with another signature update.

 You wouldn't happen to be running Kapersky? It's been the worst one
 lately.

 > you clearly don't have the background to diagnose this problem, please
 have a much more informed person reply with further instructions

 gk is the Tor Browser team lead:
 https://www.torproject.org/about/corepeople.html.en#GeKo

 Try to avoid making technical and social assumptions - they make it harder
 to get your problem fixed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9711 [Applications/Tor Browser]: Test out crosstools-ng for rbm/tor-browser-build OSX builds (instead of toolchain4 binaries)

2018-05-21 Thread Tor Bug Tracker & Wiki 
#9711: Test out crosstools-ng for rbm/tor-browser-build OSX builds (instead of
toolchain4 binaries)
+--
 Reporter:  mikeperry   |  Owner:  tbb-team
 Type:  task| Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-rbm, GeorgKoppen201805  |  Actual Points:
Parent ID:  #24631  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * keywords:  tbb-rbm, GeorgKoppen201506 => tbb-rbm, GeorgKoppen201805
 * status:  needs_information => assigned
 * parent:   => #24631


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26141 [Applications/Tor Browser]: total burn crash

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26141: total burn crash
--+---
 Reporter:  gilbertoblue  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gilbertoblue):

 1) the image with Connect and Configure is UNAVAILABLE to me.  I see only
 the image that I referenced
 2) my computer clock is totally correct
 3) of course there is NOT another instance of Tor running
 4) i have never had a problem with Tor and an antivirus program
 5) I do NOT have an enabled firewall
 6) I told you that I already tried re-installing Tor, results in exact
 same problem
 7) I have never had a problem before running TOR
 8) "Tor Browser is under constant development, and some issues are known
 about but not yet fixed"

 yes you are correct about 8)

 you clearly don't have the background to diagnose this problem, please
 have a much more informed person reply with further instructions

 I have been programming for 35 years, I know how these things happen
 sometimes

 thanks very much

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #5236 [Applications/Tor bundles/installation]: Make a deb of the Torbrowser and add to repository

2018-05-21 Thread Tor Bug Tracker & Wiki 
#5236: Make a deb of the Torbrowser and add to repository
-+-
 Reporter:  cypherpunks  |  Owner:  (none)
 Type:  enhancement  | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  bundles/installation   |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by tom):

 * cc: tom+tor-trac@… (removed)


Comment:

 Hah, I inherited flasmark's cc...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26146 [Applications/Tor Browser]: Setting `general.useragent.override` does not spoof the platform part anymore in ESR 60 which is confusing

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26146: Setting `general.useragent.override` does not spoof the platform part
anymore in ESR 60 which is confusing
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by tom):

 Replying to [comment:2 cypherpunks]:
 > Expecting
 > Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0

 If Firefox with RFP or Tor Browser used this format it would not match
 Firefox's (non-RFP) format and would be easily identifiable.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17569 [Applications/Tor Browser]: Add uBlock Origin to the Tor Browser

2018-05-21 Thread Tor Bug Tracker & Wiki 
#17569: Add uBlock Origin to the Tor Browser
-+-
 Reporter:  kernelcorn   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  invalid
 Keywords:  tbb-usability tbb-security, tbb- |  Actual Points:
  performance|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 Adding an add-on which make internet connection in background is against
 Tor Browser's design.
 Write a concrete proposal and attach to this ticket before you reopen
 this.

 Also we are against adding uBO to Tor Browser.
 Such user can add the add-on by themselves WITH THEIR OWN RESPONSIBILITY.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26146 [Applications/Tor Browser]: Setting `general.useragent.override` does not spoof the platform part anymore in ESR 60 which is confusing

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26146: Setting `general.useragent.override` does not spoof the platform part
anymore in ESR 60 which is confusing
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 'privacy.resistFingerprinting' is severly broken. They - Mozilla -
 implemented it wrong.

 Firefox with 'privacy.resistFingerprinting:true'
 (60 and above)
 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101
 Firefox/60.0
 (before 60)
 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101
 Firefox/52.0

 Tor Browser
 Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0

 Expecting
 Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26146 [Applications/Tor Browser]: Setting `general.useragent.override` does not spoof the platform part anymore in ESR 60 which is confusing

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26146: Setting `general.useragent.override` does not spoof the platform part
anymore in ESR 60 which is confusing
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Type 'navigator' in developer console.
 Tor Browser is a 'browser' so why not change navigator.* code to match
 Windows OS?

 (make the website owner believe the TorBrowser user is using Windows 10
 and Firefox 60(ESR))

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26146 [Applications/Tor Browser]: Setting `general.useragent.override` does not spoof the platform part anymore in ESR 60 which is confusing

2018-05-21 Thread Tor Bug Tracker & Wiki 
#26146: Setting `general.useragent.override` does not spoof the platform part
anymore in ESR 60 which is confusing
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  ff60-esr
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Despite updating `general.useragent.override` to match ESR 60 (done
 according to comment:16:ticket:25543) the platform part is not spoofed to
 Windows on my Linux box.

 Now, that is intentional, see:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1404608.

 So, we probably should not set `general.useragent.override` at all anymore
 and just rely on the settings we get with `privacy.resistFingerprinting`?
 Because if we explicitly set it to the Windows UA but then don't get that,
 this is weird.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

  1   2   >